Editorial Board Thoughts: Library Analytics and Patron Privacy Ken Varnum INFORMATION TECHNOLOGY AND LIBRARIES | DECEMBER 2015 2 Two significant trends are sweeping across the library landscape: assessment (and the corresponding collection and analysis of data) and privacy (of records of user interactions with our services). Libraries, perhaps more than any other public service organization, are strongly motivated to assess their offerings with dual aims. The first might be thought of as an altruistic goal: understanding the needs of their particular clientele and improving library services to meet those needs. The second is perhaps more existential: helping justify the value libraries create to whatever sources of funding are necessary to impress. Both are valid and important. It is hard to argue that improving services, focusing on actual needs, and maintaining funding are in any way improper goals. However, this desire is often seen as being in conflict with exploring too deeply the actions or needs of individual constituents, despite librarians’ historical and deeply-held belief that each constituent’s precise information needs should be explored and provided for through personalized, tailored services. Solid assessment cannot happen without solid data. Libraries have historically relied on qualitative surveys of their users, asking users to evaluate the quality of the services they receive. Being able to know more details and ask directed questions of individuals who used services is possible in the traditional library setting through invitations to complete surveys after individual interactions such as a reference or circulation desk interaction, library program, visit to a physical location, or even a community-wide survey invitation. Focus groups can be assembled as well, of course, once a library has identified a real-world group to study. However, those samples are more often convenience samples or—unless a library is able to successfully contact and receive responses from across the entire community— somewhat self-selected. Assessment that leads to new or improved services relies much more heavily on broad-based understanding of the users of a system. Libraries have been able to do limited quantitative studies of library usage—at its simplest, counting how many of this were checked out, how many of that was accessed, and how many users were involved. These metrics are useful, but also limited, particularly at the scale of a single library. Knowing that a pool of resources is heavily used is helpful; even knowing that a suite of resources is frequently used collectively is beneficial. However, tying use of resources to specific information needs or information seekers, whether this is defined as Ken Varnum (varnum@umich.edu), a member of the ITAL Editorial Board, is Senior Program Manager for Discovery, Delivery, and Learning Analytics at the University of Michigan Library, Ann Arbor, Michigan. mailto:varnum@umich.edu EDITORIAL BOARD THOUGHTS: LIBRARY ANALYTICS AND PATRON PRIVACY | VARNUM doi: 10.6017/ital.v34i4.9151 3 individuals or ad hoc collections of users based on situational factors such as academic level, course enrollments, etc. These more specific grouping rely on granular data that for many libraries—especially academic ones—are increasingly electronic. We are at a point in time when we have the potential to leverage wide swathes of user data. And this is where the second trend, privacy, comes to bear. Protecting user privacy has been a guiding principle of librarianship in the United States (in particular) since the 1970s, as a strong reaction to U.S. government (through the FBI) requests to provide access to circulation logs for individuals under suspicion of espionage. This was in the early days of library automation, when large libraries with automated ILS systems could prevent future disclosure through the straightforward strategy of purging transaction records as soon as the item was returned. This practice became standard operating procedure in libraries, and expanded into new information service domains as they evolved over the following forty years. With good intentions, libraries have ensured that they maintain no long-term history for most online services. As a profession, we have begun to realize that the straightforward (and arguably simplistic) approaches we have relied on for so long may no longer be appropriate or helpful. Over the past year, these conversations found focus through a project coordinated by the National Information Standards Organization thanks to a grant from the Andrew W. Mellon Foundation.1 The range of issues discussed here was far-reaching and touched on virtually every aspect of privacy and assessment imaginable. The resulting draft document, Consensus Framework to Support Patron Privacy in Digital Library and Information Systems,2 outlines 12 principles that libraries (and the information service vendors they partner with) should follow as they establish “practices and procedures to protect the digital privacy of the library user.” This new consensus framework sets a series of guidelines for us to consider as we begin to move into this uncharted (for libraries) territory. If we are to record and make use of our users’ online (and offline, for that matter) footprints to improve services, improve the user experience, and justify our value, this document gives us an outline of the issues to consider. It is time (and probably long past time) that we make conscious decisions about how we assess our online resources, in particular, and do so with a deeper knowledge of both the resources used and the people using them. At the exact moment in our technological history when we find ourselves able to provide automated services at scale to our users through the Internet and simultaneously record and analyze the intricate details of those transactions, we need to come to think clearly about what questions we have, what data we need to answer them, and be explicit about how those data points are treated. It is important that we start this process now and change our blunt practices into more strategic data collection and analysis. Where 40 years ago we opted to INFORMATION TECHNOLOGY AND LIBRARIES | DECEMBER 2015 4 bluntly enforce user privacy by deleting the data, we should now take a more nuanced approach and store and analyze data in the service of improved services and tools for our user communities. We have the opportunity, through technology and a more nuanced understanding of privacy, to conduct a protracted reference interview with our virtual users over multiple interactions… and thereby improve our services. REFERENCES 1. http://www.niso.org/topics/tl/patron_privacy/ 2. http://www.niso.org/apps/group_public/download.php/15863/NISO%20Consensus %20Principles%20Users%20Digital%20Privacy.pdf http://www.niso.org/topics/tl/patron_privacy/ http://www.niso.org/apps/group_public/download.php/15863/NISO%20Consensus%20Principles%20Users%20Digital%20Privacy.pdf http://www.niso.org/apps/group_public/download.php/15863/NISO%20Consensus%20Principles%20Users%20Digital%20Privacy.pdf